Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

Tag CVE ID CVE Title
Application Virtualization CVE-2021-26890 Application Virtualization Remote Code Execution Vulnerability
Azure CVE-2021-27075 Azure Virtual Machine Information Disclosure Vulnerability
Azure Sphere CVE-2021-27074 Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere CVE-2021-27080 Azure Sphere Unsigned Code Execution Vulnerability
Internet Explorer CVE-2021-26411 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2021-27085 Internet Explorer Remote Code Execution Vulnerability
Microsoft ActiveX CVE-2021-26869 Windows ActiveX Installer Service Information Disclosure Vulnerability
Microsoft Edge (Chromium-based) CVE-2021-21167 Chromium CVE-2021-21167: Use after free in bookmarks
Microsoft Edge (Chromium-based) CVE-2021-21177 Chromium CVE-2021-21177: Insufficient policy enforcement in Autofill
Microsoft Edge (Chromium-based) CVE-2021-21178 Chromium CVE-2021-21178 : Inappropriate implementation in Compositing
Microsoft Edge (Chromium-based) CVE-2021-21176 Chromium CVE-2021-21176: Inappropriate implementation in full screen mode
Microsoft Edge (Chromium-based) CVE-2021-21174 Chromium CVE-2021-21174: Inappropriate implementation in Referrer
Microsoft Edge (Chromium-based) CVE-2021-21166 Chromium CVE-2021-21166: Object lifecycle issue in audio
Microsoft Edge (Chromium-based) CVE-2021-21175 Chromium CVE-2021-21175: Inappropriate implementation in Site isolation
Microsoft Edge (Chromium-based) CVE-2021-21181 Chromium CVE-2021-21181: Side-channel information leakage in autofill
Microsoft Edge (Chromium-based) CVE-2021-21183 Chromium CVE-2021-21183: Inappropriate implementation in performance APIs
Microsoft Edge (Chromium-based) CVE-2021-21182 Chromium CVE-2021-21182: Insufficient policy enforcement in navigations
Microsoft Edge (Chromium-based) CVE-2021-21185 Chromium CVE-2021-21185: Insufficient policy enforcement in extensions
Microsoft Edge (Chromium-based) CVE-2021-21186 Chromium CVE-2021-21186: Insufficient policy enforcement in QR scanning
Microsoft Edge (Chromium-based) CVE-2021-21179 Chromium CVE-2021-21179: Use after free in Network Internals
Microsoft Edge (Chromium-based) CVE-2021-21180 Chromium CVE-2021-21180: Use after free in tab search
Microsoft Edge (Chromium-based) CVE-2021-21161 Chromium CVE-2021-21161: Heap buffer overflow in TabStrip
Microsoft Edge (Chromium-based) CVE-2021-21160 Chromium CVE-2021-21160: Heap buffer overflow in WebAudio
Microsoft Edge (Chromium-based) CVE-2021-21159 Chromium CVE-2021-21159: Heap buffer overflow in TabStrip
Microsoft Edge (Chromium-based) CVE-2021-21162 Chromium CVE-2021-21162: Use after free in WebRTC
Microsoft Edge (Chromium-based) CVE-2021-21165 Chromium CVE-2021-21165: Object lifecycle issue in audio
Microsoft Edge (Chromium-based) CVE-2021-21164 Chromium CVE-2021-21164: Insufficient data validation in Chrome for iOS
Microsoft Edge (Chromium-based) CVE-2021-21163 Chromium CVE-2021-21163: Insufficient data validation in Reader Mode
Microsoft Edge (Chromium-based) CVE-2021-21171 Chromium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation
Microsoft Edge (Chromium-based) CVE-2021-21172 Chromium CVE-2021-21172: Insufficient policy enforcement in File System API
Microsoft Edge (Chromium-based) CVE-2021-21173 Chromium CVE-2021-21173: Side-channel information leakage in Network Internals
Microsoft Edge (Chromium-based) CVE-2021-21170 Chromium CVE-2021-21170: Incorrect security UI in Loader
Microsoft Edge (Chromium-based) CVE-2020-27844 Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG
Microsoft Edge (Chromium-based) CVE-2021-21168 Chromium CVE-2021-21168: Insufficient policy enforcement in appcache
Microsoft Edge (Chromium-based) CVE-2021-21169 Chromium CVE-2021-21169: Out of bounds memory access in V8
Microsoft Edge (Chromium-based) CVE-2021-21191 Chromium CVE-2021-21191: Use after free in WebRTC
Microsoft Edge (Chromium-based) CVE-2021-21184 Chromium CVE-2021-21184: Inappropriate implementation in performance APIs
Microsoft Edge (Chromium-based) CVE-2021-21190 Chromium CVE-2021-21190 : Uninitialized Use in PDFium
Microsoft Edge (Chromium-based) CVE-2021-21189 Chromium CVE-2021-21189: Insufficient policy enforcement in payments
Microsoft Edge (Chromium-based) CVE-2021-21188 Chromium CVE-2021-21188: Use after free in Blink
Microsoft Edge (Chromium-based) CVE-2021-21192 Chromium CVE-2021-21192: Heap buffer overflow in tab groups
Microsoft Edge (Chromium-based) CVE-2021-21187 Chromium CVE-2021-21187: Insufficient data validation in URL formatting
Microsoft Edge (Chromium-based) CVE-2021-21193 Chromium CVE-2021-21193: Use after free in Blink
Microsoft Exchange Server CVE-2021-26858 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-26855 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-26857 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-27078 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-26854 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2021-26412 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2021-26868 Windows Graphics Component Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2021-27077 Windows Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2021-26875 Windows Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2021-26863 Windows Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2021-26876 OpenType Font Parsing Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2021-26861 Windows Graphics Component Remote Code Execution Vulnerability
Microsoft Office CVE-2021-27059 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office CVE-2021-27058 Microsoft Office ClickToRun Remote Code Execution Vulnerability
Microsoft Office CVE-2021-24108 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-27054 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-27053 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office Excel CVE-2021-27057 Microsoft Office Remote Code Execution Vulnerability
Microsoft Office PowerPoint CVE-2021-27056 Microsoft PowerPoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2021-24104 Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePoint CVE-2021-27076 Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2021-27052 Microsoft SharePoint Server Information Disclosure Vulnerability
Microsoft Office Visio CVE-2021-27055 Microsoft Visio Security Feature Bypass Vulnerability
Microsoft Windows Codecs Library CVE-2021-27051 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-27062 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-27061 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-26884 Windows Media Photo Codec Information Disclosure Vulnerability
Microsoft Windows Codecs Library CVE-2021-26902 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-24110 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-24089 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-27047 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-27050 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-27049 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2021-27048 HEVC Video Extensions Remote Code Execution Vulnerability
Power BI CVE-2021-26859 Microsoft Power BI Information Disclosure Vulnerability
Role: DNS Server CVE-2021-27063 Windows DNS Server Denial of Service Vulnerability
Role: DNS Server CVE-2021-26894 Windows DNS Server Remote Code Execution Vulnerability
Role: DNS Server CVE-2021-26895 Windows DNS Server Remote Code Execution Vulnerability
Role: DNS Server CVE-2021-26893 Windows DNS Server Remote Code Execution Vulnerability
Role: DNS Server CVE-2021-26877 Windows DNS Server Remote Code Execution Vulnerability
Role: DNS Server CVE-2021-26896 Windows DNS Server Denial of Service Vulnerability
Role: DNS Server CVE-2021-26897 Windows DNS Server Remote Code Execution Vulnerability
Role: Hyper-V CVE-2021-26879 Windows NAT Denial of Service Vulnerability
Role: Hyper-V CVE-2021-26867 Windows Hyper-V Remote Code Execution Vulnerability
Visual Studio CVE-2021-21300 Git for Visual Studio Remote Code Execution Vulnerability
Visual Studio Code CVE-2021-27081 Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
Visual Studio Code CVE-2021-27060 Visual Studio Code Remote Code Execution Vulnerability
Visual Studio Code CVE-2021-27084 Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
Visual Studio Code CVE-2021-27083 Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
Visual Studio Code CVE-2021-27082 Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
Visual Studio Code - Python extension CVE-2020-17163 Visual Studio Code Python Extension Remote Code Execution Vulnerability
Windows Admin Center CVE-2021-27066 Windows Admin Center Security Feature Bypass Vulnerability
Windows Container Execution Agent CVE-2021-26865 Windows Container Execution Agent Elevation of Privilege Vulnerability
Windows Container Execution Agent CVE-2021-26891 Windows Container Execution Agent Elevation of Privilege Vulnerability
Windows DirectX CVE-2021-24095 DirectX Elevation of Privilege Vulnerability
Windows Error Reporting CVE-2021-24090 Windows Error Reporting Elevation of Privilege Vulnerability
Windows Event Tracing CVE-2021-26898 Windows Event Tracing Elevation of Privilege Vulnerability
Windows Event Tracing CVE-2021-26872 Windows Event Tracing Elevation of Privilege Vulnerability
Windows Event Tracing CVE-2021-24107 Windows Event Tracing Information Disclosure Vulnerability
Windows Event Tracing CVE-2021-26901 Windows Event Tracing Elevation of Privilege Vulnerability
Windows Extensible Firmware Interface CVE-2021-26892 Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
Windows Folder Redirection CVE-2021-26887 Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
Windows Installer CVE-2021-26862 Windows Installer Elevation of Privilege Vulnerability
Windows Media CVE-2021-26881 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Windows Overlay Filter CVE-2021-26874 Windows Overlay Filter Elevation of Privilege Vulnerability
Windows Overlay Filter CVE-2021-26860 Windows App-V Overlay Filter Elevation of Privilege Vulnerability
Windows Print Spooler Components CVE-2021-26878 Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Components CVE-2021-1640 Windows Print Spooler Elevation of Privilege Vulnerability
Windows Projected File System Filter Driver CVE-2021-26870 Windows Projected File System Elevation of Privilege Vulnerability
Windows Registry CVE-2021-26864 Windows Virtual Registry Provider Elevation of Privilege Vulnerability
Windows Remote Access API CVE-2021-26882 Remote Access API Elevation of Privilege Vulnerability
Windows Storage Spaces Controller CVE-2021-26880 Storage Spaces Controller Elevation of Privilege Vulnerability
Windows Update Assistant CVE-2021-27070 Windows 10 Update Assistant Elevation of Privilege Vulnerability
Windows Update Stack CVE-2021-26889 Windows Update Stack Elevation of Privilege Vulnerability
Windows Update Stack CVE-2021-1729 Windows Update Stack Setup Elevation of Privilege Vulnerability
Windows Update Stack CVE-2021-26866 Windows Update Service Elevation of Privilege Vulnerability
Windows UPnP Device Host CVE-2021-26899 Windows UPnP Device Host Elevation of Privilege Vulnerability
Windows User Profile Service CVE-2021-26886 User Profile Service Denial of Service Vulnerability
Windows User Profile Service CVE-2021-26873 Windows User Profile Service Elevation of Privilege Vulnerability
Windows WalletService CVE-2021-26885 Windows WalletService Elevation of Privilege Vulnerability
Windows WalletService CVE-2021-26871 Windows WalletService Elevation of Privilege Vulnerability
Windows Win32K CVE-2021-26900 Windows Win32k Elevation of Privilege Vulnerability

CVE-2021-1640 - Windows Print Spooler Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1640
MITRE
NVD
CVE Title: Windows Print Spooler Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What privileges would an attacker gain?

An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1640
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1640 Blaz Satler and Ziga Sumenjak of 0patch


JeongOh Kyea (@kkokkokye) of THEORI working with Trend Micro Zero Day Initiative


CVE-2021-1729 - Windows Update Stack Setup Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-1729
MITRE
NVD
CVE Title: Windows Update Stack Setup Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.1/6.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-1729
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-1729 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-24095 - DirectX Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24095
MITRE
NVD
CVE Title: DirectX Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24095
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24095 liuxiaoliang and pjf


CVE-2021-24108 - Microsoft Office Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24108
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


What kind of user interaction is required?

A user needs to be tricked into downloading and running malicious files.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24108
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4504703 (Security Update) Important Remote Code Execution 4486698 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4504703 (Security Update) Important Remote Code Execution 4486698 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4493228 (Security Update) Important Remote Code Execution 4484469 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4493228 (Security Update) Important Remote Code Execution 4484469 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4493228 (Security Update) Important Remote Code Execution 4484469 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4493225 (Security Update) Important Remote Code Execution 4484466 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4493225 (Security Update) Important Remote Code Execution 4484466 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24108 Felix Boulet


CVE-2021-26411 - Internet Explorer Memory Corruption Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26411
MITRE
NVD
CVE Title: Internet Explorer Memory Corruption Vulnerability
CVSS:

CVSS:3.0 8.8/7.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How could an attacker exploit the vulnerability?

An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected Yes Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26411
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Internet Explorer 11 on Windows 10 for 32-bit Systems 5000807 (Security Update) Critical Remote Code Execution 4601331 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 for x64-based Systems 5000807 (Security Update) Critical Remote Code Execution 4601331 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 5000800 (IE Cumulative)
5000841 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601347
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 5000800 (IE Cumulative)
5000841 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601347
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for 32-bit systems 5000800 (IE Cumulative)
5000848 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601384
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 8.1 for x64-based systems 5000800 (IE Cumulative)
5000848 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601384
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows RT 8.1 5000848 (Monthly Rollup) Critical Remote Code Execution 4601384
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000800 (IE Cumulative)
5000841 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601347
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 5000800 (IE Cumulative)
5000847 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601348
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2012 R2 5000800 (IE Cumulative)
5000848 (Monthly Rollup)
Critical Remote Code Execution 4601313
4601384
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2016 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2019 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000800 (IE Cumulative)
Critical Remote Code Execution 4601360

4601313
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000800 (IE Cumulative)
Critical Remote Code Execution 4601360

4601313
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems 5000807 (Security Update) Critical Remote Code Execution 4601331 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems 5000807 (Security Update) Critical Remote Code Execution 4601331 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2016 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Microsoft Edge (EdgeHTML-based) on Windows Server 2019 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26411 yangkang(@dnpushme) & huangyi(@C0rk1_H)


Enki




CVE-2021-27060 - Visual Studio Code Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27060
MITRE
NVD
CVE Title: Visual Studio Code Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27060
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Visual Studio Code Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27060 RyotaK (@ryotkak)


CVE-2021-27070 - Windows 10 Update Assistant Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27070
MITRE
NVD
CVE Title: Windows 10 Update Assistant Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.3/6.4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27070
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.3
Temporal: 6.4
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27070 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-27074 - Azure Sphere Unsigned Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27074
MITRE
NVD
CVE Title: Azure Sphere Unsigned Code Execution Vulnerability
CVSS:

CVSS:3.0 6.2/5.6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What version of Azure Sphere has the update that protects from this vulnerability?

All versions of Azure Sphere that are 21.02 and higher are protected from this vulnerability.

How do I ensure my Azure Sphere device has the update?

If your device is new or has not been connected to the internet for a while, connect the device to a secure, private local network with internet access and allow the device to automatically update itself. If the device is already online, verify that the operating system version 21.02 has been installed using the Azure Sphere CLI command:

azsphere device show-os-version

If the device is connected to the internet and does not yet have the latest update, check the update status with the following Azure Sphere CLI command:

azsphere device show-deployment-status

Azure Sphere is running on IoT devices in my environment. How do I know if any of those devices are affected by this vulnerability?

An IoT device that is running Azure Sphere and is connected to a network is automatically updated every day. This vulnerability has already been addressed so the devices are protected from this vulnerability. More information on Azure Sphere’s CVE principles can be found on https://docs.microsoft.com/en-us/azure-sphere/deployment/azure-sphere-cves


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27074
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure Sphere Critical Remote Code Execution None Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27074 Lilith [^_^], Claudio Bozzato of Cisco Talos


CVE-2021-27075 - Azure Virtual Machine Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27075
MITRE
NVD
CVE Title: Azure Virtual Machine Information Disclosure Vulnerability
CVSS:

CVSS:3.0 6.8/6.1
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow a low privileged user to gain virtual machine credentials as well as credentials to extensions associated with the virtual machine.

What are some of the services affected by this vulnerability?

The following table lists some of the affected services, and the changes associated with the remedy for this vulnerability:

Affected Product Remedy Action on customers
Azure Container Instance The ability for containers to be able to talk to the metadata and wireserver endpoints was disabled as part of this release. The underlying platform now applies network ACLs to block the outgoing traffic to those services. None
Azure Service Fabric The ability for containers to be able to talk to the metadata and wireserver endpoints was disabled as part of this release. The underlying platform now applies network ACLs to block the outgoing traffic to those services. None
Azure Kubernetes Service Containers not running in host network can no longer access wireserver since node image 2020.10.15. Customers running image version below 2020.10.15 should update to this version or a later version. See the Security Updates table for the link to updating instructions.
Azure Container Registry The ability for containers running on ACR Tasks to access wireserver was blocked as a part of this release. None
Azure Spring Cloud The ability for containers to be able to talk to the wireserver endpoints was disabled as part of this release. None

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27075
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure Container Instance Important Information Disclosure None Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown
Azure Kubernetes Service Release Notes (Security Update) Important Information Disclosure None Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Azure Service Fabric Important Information Disclosure None Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown
Azure Spring Cloud Important Information Disclosure None Base: 6.8
Temporal: 6.1
Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27075 Paul Litvak of Intezer


wtm at Offensi


CVE-2021-27077 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27077
MITRE
NVD
CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/7.0
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27077
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 7.0
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27077 Marcin Wiazowski working with Trend Micro Zero Day Initiative


CVE-2021-27080 - Azure Sphere Unsigned Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27080
MITRE
NVD
CVE Title: Azure Sphere Unsigned Code Execution Vulnerability
CVSS:

CVSS:3.0 9.3/9.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

FAQ:

What version of Azure Sphere has the update that protects from this vulnerability?

All versions of Azure Sphere that are 21.02 and higher are protected from this vulnerability.

How do I ensure my Azure Sphere device has the update?

If your device is new or has not been connected to the internet for a while, connect the device to a secure, private local network with internet access and allow the device to automatically update itself. If the device is already online, verify that the operating system version 21.02 has been installed using the Azure Sphere CLI command:

azsphere device show-os-version

If the device is connected to the internet and does not yet have the latest update, check the update status with the following Azure Sphere CLI command:

azsphere device show-deployment-status

Azure Sphere is running on IoT devices in my environment. How do I know if any of those devices are affected by this vulnerability?

An IoT device that is running Azure Sphere and is connected to a network is automatically updated every day. This vulnerability has already been addressed so the devices are protected from this vulnerability. More information on Azure Sphere’s CVE principles can be found on https://docs.microsoft.com/en-us/azure-sphere/deployment/azure-sphere-cves


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27080
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Azure Sphere Critical Remote Code Execution None Base: 9.3
Temporal: 9.3
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27080 Lilith >_> and Claudio Bozzato of Cisco Talos.


CVE-2021-27081 - Visual Studio Code ESLint Extension Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27081
MITRE
NVD
CVE Title: Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27081
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Visual Studio Code ESLint extension Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27081 David Dworken


CVE-2021-27082 - Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27082
MITRE
NVD
CVE Title: Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


1.1    2021-03-12T08:00:00Z    

Added exploitability assessment. This is an informational change only.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27082
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Quantum Development Kit for Visual Studio Code Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27082 David Dworken


CVE-2021-27083 - Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27083
MITRE
NVD
CVE Title: Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27083
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Visual Studio Code Remote - Containers Extension Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27083 David Dworken


CVE-2020-17163 - Visual Studio Code Python Extension Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-17163
MITRE
NVD
CVE Title: Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-16T07:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-17163
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Python extension for Visual Studio Code Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2020-17163 David Dworken


CVE-2021-24089 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24089
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24089
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Critical Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24089 Dhanesh Kizhakkinan of FireEye Inc.


Le Huu Quang Linh (@linhlhq) from Vietnam National Cyber Security Center (NCSC Vietnam)


CVE-2021-24090 - Windows Error Reporting Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24090
MITRE
NVD
CVE Title: Windows Error Reporting Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24090
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24090 Gal De Leon (@galdeleon) of Palo Alto Networks


CVE-2021-24104 - Microsoft SharePoint Spoofing Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24104
MITRE
NVD
CVE Title: Microsoft SharePoint Spoofing Vulnerability
CVSS:

CVSS:3.0 4.6/4.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelWorkaround
Report ConfidenceConfirmed

FAQ:

There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?

Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Spoofing

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24104
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4493232 (Security Update)
4493199 (Security Update)
Important Spoofing 4493195
4493167
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:P/RL:W/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493238 (Security Update)
4493177 (Security Update)
Important Spoofing 4493210
4486696
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:P/RL:W/RC:C
Maybe
Microsoft SharePoint Server 2019 4493230 (Security Update)
4493231 (Security Update)
Important Spoofing 4493194

4493161
Base: 4.6
Temporal: 4.2
Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:P/RL:W/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24104 Cameron Vincent


CVE-2021-24107 - Windows Event Tracing Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24107
MITRE
NVD
CVE Title: Windows Event Tracing Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24107
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Information Disclosure 4601331 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Information Disclosure 4601331 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Information Disclosure 4601360
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Information Disclosure 4601360
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Information Disclosure 4601360
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Information Disclosure 4601360
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Information Disclosure 4601348
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Information Disclosure 4601348
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24107 Yarden Shafir @yarden_shafir


CVE-2021-24110 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-24110
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-24110
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-24110 Dhanesh Kizhakkinan of FireEye Inc


CVE-2021-26412 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26412
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.1/8.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-02T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26412
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Critical Remote Code Execution 4593466
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Critical Remote Code Execution 4593466
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Critical Remote Code Execution 4593466
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Critical Remote Code Execution 4593466
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution 4593466
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26412 Steven Seeley (mr_me)


CVE-2021-26854 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26854
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 6.6/5.8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-02T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26854
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 6.6
Temporal: 5.8
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 6.6
Temporal: 5.8
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 6.6
Temporal: 5.8
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 6.6
Temporal: 5.8
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 6.6
Temporal: 5.8
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26854 Steven Seeley (mr_me) of Source Incite


CVE-2021-26855 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26855
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.1/8.4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is this vulnerability being used in an active attack?

Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.

What is the target for this attack?

The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.

Where can I get more information about how to protect myself from the vulnerabilities?

Please see On-Premises Exchange Server Vulnerabilities Resource Center – updated March 25, 2021.


If I install the Security Updates for the older Cumulative Updates, am I fully protected from vulnerabilities for all published CVEs?

No, you will be protected from the vulnerabilities documented by CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858. You will not be protected from some previous CVEs as shown in the table below.

  • Yes: the system is protected from the vulnerability.
  • No: the system is not protected from the vulnerability.

Microsoft Exchange Server 2019

Date Released Severity CVE ES 2019 CU8 ES 2019 CU7 ES 2019 CU6 ES 2019 CU5 ES 2019 CU4 ES 2019 CU3 ES 2019 CU2 ES 2019 CU1 ES 2019
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes Yes No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes Yes No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No

Microsoft Exchange Server 2016

Date Released Severity CVE ES 2016 CU19 ES 2016 CU18 ES 2016 CU16 ES 2016 CU15 ES 2016 CU14 ES 2016 CU17 ES 2016 CU13 ES 2016 CU12 ES 2016 CU11 ES 2016 CU10 ES 2016 CU9 ES 2016 CU8
3/13/2018 Important CVE-2018-0940 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
3/13/2018 Important CVE-2018-0941 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
4/3/2018 Critical CVE-2018-0986 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8151 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8152 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Critical CVE-2018-8154 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8159 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
10/9/2018 Important CVE-2018-8265 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
4/9/2019 Important CVE-2019-0817 Yes Yes Yes Yes Yes Yes Yes No No No No No
4/9/2019 Important CVE-2019-0858 Yes Yes Yes Yes Yes Yes Yes No No No No No
7/9/2019 Important CVE-2019-1084 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1136 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1137 Yes Yes Yes Yes Yes Yes No No No No No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes No Yes No No No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No Yes No No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No Yes No No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No No No No
  • Microsoft Exchange Server 2013 CU 22 was released February 12, 2019 after which 31 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 CU 21 was released June 19, 2018 after which 38 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 Service Pack 1 was released February 25, 2014 after which 82 vulnerabilities have been found and remediated.

Please see Exchange Server build numbers and release dates for more information on Exchange Server Cumulative Updates release dates.


Mitigations:

Workarounds:
None
Revision:
3.0    2021-03-10T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 3; and Exchange Server 2016 CU 17, CU 13, CU12; and Exchange Server 2013 CU 22, CU 21. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


4.0    2021-03-11T08:00:00Z    

Microsoft is releasing the final set of security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019, CU1 and CU2; and Exchange Server 2016 CU 8, CU 9, CU10, and CU11. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not Exchange Server on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


5.0    2021-03-16T07:00:00Z    

Microsoft is releasing a security update for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for Microsoft Exchange Server 2013 Service Pack 1. This update addresses only those CVEs. Customers who want to be protected from these vulnerabilities can apply this update if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


1.0    2021-03-02T08:00:00Z    

Information published.


1.1    2021-03-02T08:00:00Z    

Updated one or more CVSS scores for the affected products.


2.0    2021-03-08T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 6, CU 5, and CU 4 and Exchange Server 2016 CU 16, CU 15, and CU14. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26855
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 21 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2013 Cumulative Update 22 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 10 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 11 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 12 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 13 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 14 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 15 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 16 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 9 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 1 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 2 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 3 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 4 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 5 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 9.1
Temporal: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26855 Microsoft Threat Intelligence Center (MSTIC)


Orange Tsai from DEVCORE research team


Volexity


CVE-2021-26857 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26857
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/7.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is this vulnerability being used in an active attack?

Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.

What is the target for this attack?

The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.

Where can I get more information about how to protect myself from the vulnerabilities?

Please see On-Premises Exchange Server Vulnerabilities Resource Center – updated March 25, 2021.


If I install the Security Updates for the older Cumulative Updates, am I fully protected from vulnerabilities for all published CVEs?

No, you will be protected from the vulnerabilities documented by CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858. You will not be protected from some previous CVEs as shown in the table below.

  • Yes: the system is protected from the vulnerability.
  • No: the system is not protected from the vulnerability.

Microsoft Exchange Server 2019

Date Released Severity CVE ES 2019 CU8 ES 2019 CU7 ES 2019 CU6 ES 2019 CU5 ES 2019 CU4 ES 2019 CU3 ES 2019 CU2 ES 2019 CU1 ES 2019
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes Yes No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes Yes No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No

Microsoft Exchange Server 2016

Date Released Severity CVE ES 2016 CU19 ES 2016 CU18 ES 2016 CU16 ES 2016 CU15 ES 2016 CU14 ES 2016 CU17 ES 2016 CU13 ES 2016 CU12 ES 2016 CU11 ES 2016 CU10 ES 2016 CU9 ES 2016 CU8
3/13/2018 Important CVE-2018-0940 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
3/13/2018 Important CVE-2018-0941 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
4/3/2018 Critical CVE-2018-0986 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8151 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8152 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Critical CVE-2018-8154 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8159 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
10/9/2018 Important CVE-2018-8265 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
4/9/2019 Important CVE-2019-0817 Yes Yes Yes Yes Yes Yes Yes No No No No No
4/9/2019 Important CVE-2019-0858 Yes Yes Yes Yes Yes Yes Yes No No No No No
7/9/2019 Important CVE-2019-1084 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1136 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1137 Yes Yes Yes Yes Yes Yes No No No No No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes No Yes No No No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No Yes No No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No Yes No No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No No No No
  • Microsoft Exchange Server 2013 CU 22 was released February 12, 2019 after which 31 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 CU 21 was released June 19, 2018 after which 38 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 Service Pack 1 was released February 25, 2014 after which 82 vulnerabilities have been found and remediated.

Please see Exchange Server build numbers and release dates for more information on Exchange Server Cumulative Updates release dates.


Mitigations:

Workarounds:
None
Revision:
3.0    2021-03-10T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 3; and Exchange Server 2016 CU 17, CU 13, CU12; and Exchange Server 2013 CU 22, CU 21. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


4.0    2021-03-11T08:00:00Z    

Microsoft is releasing the final set of security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019, CU1 and CU2; and Exchange Server 2016 CU 8, CU 9, CU10, and CU11. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not Exchange Server on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


5.0    2021-03-16T07:00:00Z    

Microsoft is releasing a security update for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for Microsoft Exchange Server 2013 Service Pack 1. This update addresses only those CVEs. Customers who want to be protected from these vulnerabilities can apply this update if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


1.0    2021-03-02T08:00:00Z    

Information published.


1.1    2021-03-02T08:00:00Z    

Updated one or more CVSS scores for the affected products.


2.0    2021-03-08T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 6, CU 5, and CU 4 and Exchange Server 2016 CU 16, CU 15, and CU14. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26857
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2010 Service Pack 3 5000978 (Security Update) Critical Remote Code Execution 4593467
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2013 Cumulative Update 21 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2013 Cumulative Update 22 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2013 Service Pack 1 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 10 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 11 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 12 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 13 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 14 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 15 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 16 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 17 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 9 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 1 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 2 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 3 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 4 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 5 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 6 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution 4602269
Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26857 Microsoft Threat Intelligence Center (MSTIC)


Dubex


CVE-2021-26858 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26858
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/7.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is this vulnerability being used in an active attack?

Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.

What is the target for this attack?

The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.

Where can I get more information about how to protect myself from the vulnerabilities?

Please see On-Premises Exchange Server Vulnerabilities Resource Center – updated March 25, 2021.


If I install the Security Updates for the older Cumulative Updates, am I fully protected from vulnerabilities for all published CVEs?

No, you will be protected from the vulnerabilities documented by CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858. You will not be protected from some previous CVEs as shown in the table below.

  • Yes: the system is protected from the vulnerability.
  • No: the system is not protected from the vulnerability.

Microsoft Exchange Server 2019

Date Released Severity CVE ES 2019 CU8 ES 2019 CU7 ES 2019 CU6 ES 2019 CU5 ES 2019 CU4 ES 2019 CU3 ES 2019 CU2 ES 2019 CU1 ES 2019
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes Yes No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes Yes No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No

Microsoft Exchange Server 2016

Date Released Severity CVE ES 2016 CU19 ES 2016 CU18 ES 2016 CU16 ES 2016 CU15 ES 2016 CU14 ES 2016 CU17 ES 2016 CU13 ES 2016 CU12 ES 2016 CU11 ES 2016 CU10 ES 2016 CU9 ES 2016 CU8
3/13/2018 Important CVE-2018-0940 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
3/13/2018 Important CVE-2018-0941 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
4/3/2018 Critical CVE-2018-0986 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8151 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8152 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Critical CVE-2018-8154 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8159 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
10/9/2018 Important CVE-2018-8265 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
4/9/2019 Important CVE-2019-0817 Yes Yes Yes Yes Yes Yes Yes No No No No No
4/9/2019 Important CVE-2019-0858 Yes Yes Yes Yes Yes Yes Yes No No No No No
7/9/2019 Important CVE-2019-1084 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1136 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1137 Yes Yes Yes Yes Yes Yes No No No No No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes No Yes No No No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No Yes No No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No Yes No No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No No No No
  • Microsoft Exchange Server 2013 CU 22 was released February 12, 2019 after which 31 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 CU 21 was released June 19, 2018 after which 38 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 Service Pack 1 was released February 25, 2014 after which 82 vulnerabilities have been found and remediated.

Please see Exchange Server build numbers and release dates for more information on Exchange Server Cumulative Updates release dates.


Mitigations:

Workarounds:
None
Revision:
3.0    2021-03-10T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 3; and Exchange Server 2016 CU 17, CU 13, CU12; and Exchange Server 2013 CU 22, CU 21. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


4.0    2021-03-11T08:00:00Z    

Microsoft is releasing the final set of security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019, CU1 and CU2; and Exchange Server 2016 CU 8, CU 9, CU10, and CU11. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not Exchange Server on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


5.0    2021-03-16T07:00:00Z    

Microsoft is releasing a security update for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for Microsoft Exchange Server 2013 Service Pack 1. This update addresses only those CVEs. Customers who want to be protected from these vulnerabilities can apply this update if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


1.0    2021-03-02T08:00:00Z    

Information published.


1.1    2021-03-02T08:00:00Z    

Updated one or more CVSS scores for the affected products.


2.0    2021-03-08T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 6, CU 5, and CU 4 and Exchange Server 2016 CU 16, CU 15, and CU14. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26858
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 21 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2013 Cumulative Update 22 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 10 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 11 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 12 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 13 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 14 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 15 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 16 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 17 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 8 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 9 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 1 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 2 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 3 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 4 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 5 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 6 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26858 Microsoft Threat Intelligence Center (MSTIC)


CVE-2021-26859 - Microsoft Power BI Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26859
MITRE
NVD
CVE Title: Microsoft Power BI Information Disclosure Vulnerability
CVSS:

CVSS:3.0 7.7/6.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

Exploiting this vulnerability could allow the disclosure of NTLM hashes.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26859
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Power BI Report Server version 15.0.1103.234 5001284 (Security Update) Important Information Disclosure None Base: 7.7
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe
Power BI Report Server version 15.0.1104.300 5001285 (Security Update) Important Information Disclosure None Base: 7.7
Temporal: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26859 Maxime ESCOURBIAC of Michelin CERT


CVE-2021-26860 - Windows App-V Overlay Filter Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26860
MITRE
NVD
CVE Title: Windows App-V Overlay Filter Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26860
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26860 James Forshaw of Google Project Zero


CVE-2021-26861 - Windows Graphics Component Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26861
MITRE
NVD
CVE Title: Windows Graphics Component Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26861
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Remote Code Execution 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Remote Code Execution 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Remote Code Execution 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26861 Zhihua Yao, lm0963, and CSZQ of DBAPPSecurity Zion Lab


CVE-2021-26862 - Windows Installer Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26862
MITRE
NVD
CVE Title: Windows Installer Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26862
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26862 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-26863 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26863
MITRE
NVD
CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26863
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26863 Mateusz Jurczyk of Google Project Zero


CVE-2021-26864 - Windows Virtual Registry Provider Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26864
MITRE
NVD
CVE Title: Windows Virtual Registry Provider Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 8.4/7.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26864
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.4
Temporal: 7.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26864 James Forshaw of Google Project Zero


CVE-2021-26865 - Windows Container Execution Agent Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26865
MITRE
NVD
CVE Title: Windows Container Execution Agent Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26865
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26865 James Forshaw of Google Project Zero


CVE-2021-26866 - Windows Update Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26866
MITRE
NVD
CVE Title: Windows Update Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.1/6.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26866
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.1
Temporal: 6.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26866 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-26867 - Windows Hyper-V Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26867
MITRE
NVD
CVE Title: Windows Hyper-V Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.9/8.6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Which Hyper-V systems are vulnerable?

Any Hyper-V client which is configured to use the Plan 9 file system could be vulnerable. An authenticated attacker who successfully exploited this vulnerability on a Hyper-V client could cause code to execute on the Hyper-V server.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26867
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 9.9
Temporal: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 9.9
Temporal: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 9.9
Temporal: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 9.9
Temporal: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 9.9
Temporal: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 9.9
Temporal: 8.6
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26867 @rezer0dai


CVE-2021-26868 - Windows Graphics Component Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26868
MITRE
NVD
CVE Title: Windows Graphics Component Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26868
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26868 liuxiaoliang and pjf


CVE-2021-26869 - Windows ActiveX Installer Service Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26869
MITRE
NVD
CVE Title: Windows ActiveX Installer Service Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26869
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Information Disclosure 4601331 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Information Disclosure 4601331 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Information Disclosure 4601347
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Information Disclosure 4601348
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Information Disclosure 4601348
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26869 Xuefeng Li (@lxf02942370) and Zhiniang Peng (@edwardzpeng) of Sangfor


CVE-2021-26870 - Windows Projected File System Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26870
MITRE
NVD
CVE Title: Windows Projected File System Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26870
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26870 Xuefeng Li (@lxf02942370) and Zhiniang Peng (@edwardzpeng) of Sangfor


CVE-2021-26871 - Windows WalletService Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26871
MITRE
NVD
CVE Title: Windows WalletService Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26871
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26871 Xuefeng Li (@lxf02942370) and Zhiniang Peng (@edwardzpeng) of Sangfor


CVE-2021-26872 - Windows Event Tracing Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26872
MITRE
NVD
CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26872
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26872 Yuki Chen


CVE-2021-26873 - Windows User Profile Service Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26873
MITRE
NVD
CVE Title: Windows User Profile Service Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26873
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26873 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-26874 - Windows Overlay Filter Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26874
MITRE
NVD
CVE Title: Windows Overlay Filter Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26874
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26874 James Forshaw of Google Project Zero


CVE-2021-26875 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26875
MITRE
NVD
CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26875
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26875 Mark Rogers of PowerMapper Software


CVE-2021-26876 - OpenType Font Parsing Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26876
MITRE
NVD
CVE Title: OpenType Font Parsing Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26876
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Critical Remote Code Execution 4601354 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26876 Arlie Davis - Windows / Azure Safe Systems Programming Languages Team


Keqi Hu


CVE-2021-26877 - Windows DNS Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26877
MITRE
NVD
CVE Title: Windows DNS Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26877
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26877 Microsoft Platform Security & Vulnerability Research


CVE-2021-26878 - Windows Print Spooler Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26878
MITRE
NVD
CVE Title: Windows Print Spooler Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26878
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26878

This vulnerability was discovered by Bryan de Houwer and Thibault van Geluwe de Berlaere.


x


CVE-2021-26879 - Windows NAT Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26879
MITRE
NVD
CVE Title: Windows NAT Denial of Service Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26879
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for x64-based Systems 5000807 (Security Update) Important Denial of Service 4601331 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Denial of Service 4601354 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Denial of Service 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Denial of Service 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26879 Huichen Lin and Dong Seong Kim of School of Information Technology and Electrical Engineering - The University of Queensland


CVE-2021-26880 - Storage Spaces Controller Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26880
MITRE
NVD
CVE Title: Storage Spaces Controller Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26880
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26880 nghiadt12 (@nghiadt1098) from Viettel Cyber Security


anonymous


JeongOh Kyea (@kkokkokye) of THEORI


CVE-2021-26881 - Microsoft Windows Media Foundation Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26881
MITRE
NVD
CVE Title: Microsoft Windows Media Foundation Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26881
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Remote Code Execution 4601331 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Remote Code Execution 4601331 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Remote Code Execution 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26881 HAO LI of VenusTech ADLab


CVE-2021-26882 - Remote Access API Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26882
MITRE
NVD
CVE Title: Remote Access API Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26882
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26882 Jianyang Song (https://twitter.com/SecBoxer)


CVE-2021-26884 - Windows Media Photo Codec Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26884
MITRE
NVD
CVE Title: Windows Media Photo Codec Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.5/4.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What type of information could be disclosed by this vulnerability?

The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26884
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Information Disclosure 4601331 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Information Disclosure 4601331 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Information Disclosure 4601354 Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Information Disclosure 4601348
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Information Disclosure 4601348
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Information Disclosure 4601384
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Information Disclosure 4601318
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Information Disclosure 4601345
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Information Disclosure 4601315
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Information Disclosure 4601319
Base: 5.5
Temporal: 4.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26884 Worawit Wangwarunyoo of Datafarm


CVE-2021-26885 - Windows WalletService Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26885
MITRE
NVD
CVE Title: Windows WalletService Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26885
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26885 Xuefeng Li (@lxf02942370) of Sangfor & Zhiniang Peng (@edwardzpeng) of Sangfor


CVE-2021-26886 - User Profile Service Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26886
MITRE
NVD
CVE Title: User Profile Service Denial of Service Vulnerability
CVSS:

CVSS:3.0 6.1/5.3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26886
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Denial of Service 4601331 Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Denial of Service 4601331 Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Denial of Service 4601318
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Denial of Service 4601318
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Denial of Service 4601354 Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Denial of Service 4601354 Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Denial of Service 4601354 Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Denial of Service 4601345
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Denial of Service 4601345
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Denial of Service 4601345
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Denial of Service 4601315
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Denial of Service 4601315
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Denial of Service 4601315
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Denial of Service 4601384
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Denial of Service 4601348
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Denial of Service 4601348
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Denial of Service 4601318
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Denial of Service 4601318
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Denial of Service 4601345
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Denial of Service 4601345
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Denial of Service 4601315
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 6.1
Temporal: 5.3
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26886 Abdelhamid Naceri working with Trend Micro Zero Day Initiative


CVE-2021-26887 - Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26887
MITRE
NVD
CVE Title: Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

There are no Downloads listed in the Security Updates table. How do I protect my system from this vulnerability?

This elevation of privilege vulnerability can only be addressed by reconfiguring Folder Redirection with Offline files and restricting permissions, and NOT via a security update for affected Windows Servers. See Deploy Folder Redirection with Offline Files for instructions for configuring your system.


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-03-15T07:00:00Z    

The instructions in the article, https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj649078(v%3dws.11), have been updated since this CVE was released on March 9, 2021. Microsoft recommends that customers re-visit the article ensure their systems are properly configured to be protected against this vulnerability. This elevation of privilege vulnerability can only be addressed by reconfiguring Folder Redirection with Offline files and restricting permissions, and NOT via a security update for affected Windows Servers.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26887
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1607 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1607 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1803 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1803 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1803 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1809 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1809 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1809 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1909 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1909 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 1909 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 2004 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 2004 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 2004 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 20H2 for 32-bit Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 20H2 for ARM64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 10 Version 20H2 for x64-based Systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 7 for 32-bit Systems Service Pack 1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 7 for x64-based Systems Service Pack 1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 8.1 for 32-bit systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows 8.1 for x64-based systems Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows RT 8.1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2008 for 32-bit Systems Service Pack 2 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2008 for x64-based Systems Service Pack 2 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2008 R2 for x64-based Systems Service Pack 1 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2012 R2 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2016 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2016 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2019 Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server 2019 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server, version 1909 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server, version 2004 (Server Core installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown
Windows Server, version 20H2 (Server Core Installation) Important Elevation of Privilege None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26887 somaro


CVE-2021-26889 - Windows Update Stack Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26889
MITRE
NVD
CVE Title: Windows Update Stack Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26889
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26889 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-26890 - Application Virtualization Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26890
MITRE
NVD
CVE Title: Application Virtualization Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26890
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26890 Will Dormann CERT/CC


CVE-2021-26891 - Windows Container Execution Agent Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26891
MITRE
NVD
CVE Title: Windows Container Execution Agent Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26891
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26891 James Forshaw of Google Project Zero


CVE-2021-26892 - Windows Extensible Firmware Interface Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26892
MITRE
NVD
CVE Title: Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 6.2/5.6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26892
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Security Feature Bypass 4601318
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Security Feature Bypass 4601318
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Security Feature Bypass 4601354 Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Security Feature Bypass 4601354 Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Security Feature Bypass 4601354 Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Security Feature Bypass 4601345
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Security Feature Bypass 4601345
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Security Feature Bypass 4601345
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Security Feature Bypass 4601315
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Security Feature Bypass 4601315
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Security Feature Bypass 4601315
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Security Feature Bypass 4601318
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Security Feature Bypass 4601318
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Security Feature Bypass 4601345
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Security Feature Bypass 4601345
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Security Feature Bypass 4601315
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Security Feature Bypass 4601319
Base: 6.2
Temporal: 5.6
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26892 Abdelhamid Naceri (halov) working with Trend Micro Zero Day Initiative


CVE-2021-26893 - Windows DNS Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26893
MITRE
NVD
CVE Title: Windows DNS Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26893
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26893 Nicolas Joly of Microsoft Corporation


CVE-2021-26894 - Windows DNS Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26894
MITRE
NVD
CVE Title: Windows DNS Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26894
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26894 Nicolas Joly of Microsoft Corporation


CVE-2021-26895 - Windows DNS Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26895
MITRE
NVD
CVE Title: Windows DNS Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26895
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26895 Nicolas Joly of Microsoft Corporation


CVE-2021-26896 - Windows DNS Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26896
MITRE
NVD
CVE Title: Windows DNS Server Denial of Service Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26896
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Denial of Service 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Denial of Service 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Denial of Service 4601348
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Denial of Service 4601348
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Denial of Service 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26896 None

CVE-2021-26897 - Windows DNS Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26897
MITRE
NVD
CVE Title: Windows DNS Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.8/8.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26897
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Critical Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Critical Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Critical Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Critical Remote Code Execution 4601360
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Critical Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Critical Remote Code Execution 4601347
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Critical Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Critical Remote Code Execution 4601348
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Critical Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Critical Remote Code Execution 4601384
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Critical Remote Code Execution 4601318
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Critical Remote Code Execution 4601345
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Critical Remote Code Execution 4601315
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Critical Remote Code Execution 4601319
Base: 9.8
Temporal: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26897 None

CVE-2021-26898 - Windows Event Tracing Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26898
MITRE
NVD
CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26898
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26898 Yuki Chen


CVE-2021-26899 - Windows UPnP Device Host Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26899
MITRE
NVD
CVE Title: Windows UPnP Device Host Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26899
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26899 Yuki Chen


CVE-2021-26900 - Windows Win32k Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26900
MITRE
NVD
CVE Title: Windows Win32k Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26900
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26900 JeongOh Kyea (@kkokkokye) of THEORI working with Trend Micro Zero Day Initiative


CVE-2021-26901 - Windows Event Tracing Elevation of Privilege Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26901
MITRE
NVD
CVE Title: Windows Event Tracing Elevation of Privilege Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Elevation of Privilege

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26901
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows 10 for 32-bit Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 for x64-based Systems 5000807 (Security Update) Important Elevation of Privilege 4601331 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for 32-bit Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1607 for x64-based Systems 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Elevation of Privilege 4601354 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for 32-bit Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 7 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for 32-bit systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows 8.1 for x64-based systems 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows RT 8.1 5000848 (Monthly Rollup) Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Elevation of Privilege 4601360
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Elevation of Privilege 4601347
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Elevation of Privilege 4601348
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Elevation of Privilege 4601384
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Elevation of Privilege 4601318
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Elevation of Privilege 4601345
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Elevation of Privilege 4601315
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Elevation of Privilege 4601319
Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26901 Yuki Chen


CVE-2021-26902 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26902
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26902
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Critical Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26902 Dhanesh Kizhakkinan of FireEye Inc.


CVE-2021-27047 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27047
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27047
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27047 Dhanesh Kizhakkinan of FireEye Inc.


CVE-2021-27048 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27048
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27048
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27048 Dhanesh Kizhakkinan of FireEye Inc.


CVE-2021-27049 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27049
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27049
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27049 Dhanesh Kizhakkinan of FireEye Inc.


CVE-2021-27050 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27050
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27050
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27050 Le Huu Quang Linh (@linhlhq) from Vietnam National Cyber Security Center (NCSC Vietnam)


CVE-2021-27051 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27051
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27051
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27051 Dhanesh Kizhakkinan of FireEye Inc.


Le Huu Quang Linh (@linhlhq) from Vietnam National Cyber Security Center (NCSC Vietnam)


CVE-2021-27052 - Microsoft SharePoint Server Information Disclosure Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27052
MITRE
NVD
CVE Title: Microsoft SharePoint Server Information Disclosure Vulnerability
CVSS:

CVSS:3.0 5.3/4.8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What kind of information can be disclosed?

An attacker can gain access to an organizational's email, sites, filename, url of file...


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Information Disclosure

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27052
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft SharePoint Enterprise Server 2016 4493232 (Security Update) Important Information Disclosure 4493195 Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4493230 (Security Update) Important Information Disclosure 4493194
Base: 5.3
Temporal: 4.8
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27052 Huynh Thong


CVE-2021-27053 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27053
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office 2019 for Mac currently available?

The security update for Microsoft Office 2019 for Mac is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27053
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4504707 (Security Update) Important Remote Code Execution 4493222 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4504707 (Security Update) Important Remote Code Execution 4493222 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4493233 (Security Update) Important Remote Code Execution 4493196 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4493233 (Security Update) Important Remote Code Execution 4493196 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office Online Server 4493229 (Security Update) Important Remote Code Execution 4493192 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office Web Apps Server 2013 Service Pack 1 4493234 (Security Update) Important Remote Code Execution 4493204 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27053 kdot working with Trend Micro Zero Day Initiative


CVE-2021-27054 - Microsoft Excel Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27054
MITRE
NVD
CVE Title: Microsoft Excel Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Are the updates for the Microsoft Office 2019 for Mac currently available?

The security update for Microsoft Office 2019 for Mac is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
2.0    2021-03-16T07:00:00Z    

Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the Release Notes for more information and download links.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27054
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4504707 (Security Update) Important Remote Code Execution 4493222 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4504707 (Security Update) Important Remote Code Execution 4493222 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4493233 (Security Update) Important Remote Code Execution 4493196 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4493233 (Security Update) Important Remote Code Execution 4493196 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4493214 (Security Update) Important Remote Code Execution 4493181 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4493214 (Security Update) Important Remote Code Execution 4493181 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4493203 (Security Update) Important Remote Code Execution 4486759 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4493203 (Security Update) Important Remote Code Execution 4486759 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4493203 (Security Update) Important Remote Code Execution 4486759 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4493200 (Security Update) Important Remote Code Execution 4493168 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4493200 (Security Update) Important Remote Code Execution 4493168 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office Online Server 4493229 (Security Update) Important Remote Code Execution 4493192 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office Web Apps Server 2013 Service Pack 1 4493234 (Security Update) Important Remote Code Execution 4493204 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27054 kdot working with Trend Micro Zero Day Initiative


CVE-2021-27055 - Microsoft Visio Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27055
MITRE
NVD
CVE Title: Microsoft Visio Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 7.0/6.1
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


What is the attack vector for this vulnerability?

Initially an Administrator would need to set a Group Policy in a specific way. Then, an attacker would then need to modify a macro-enabled template that ships with Excel. Then the attacker needs to convince a target to run that malicious file on a system affected by that Policy.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27055
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Security Feature Bypass None Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Visio 2010 Service Pack 2 (32-bit editions) 4484376 (Security Update) Important Security Feature Bypass 4462225 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visio 2010 Service Pack 2 (64-bit editions) 4484376 (Security Update) Important Security Feature Bypass 4462225 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visio 2013 Service Pack 1 (32-bit editions) 4486673 (Security Update) Important Security Feature Bypass 4464544 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visio 2013 Service Pack 1 (64-bit editions) 4486673 (Security Update) Important Security Feature Bypass 4464544 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visio 2016 (32-bit edition) 4493151 (Security Update) Important Security Feature Bypass 4484244 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visio 2016 (64-bit edition) 4493151 (Security Update) Important Security Feature Bypass 4484244 Base: 7.0
Temporal: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27055 Luke Papandrea, Microsoft Corporation


CVE-2021-27056 - Microsoft PowerPoint Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27056
MITRE
NVD
CVE Title: Microsoft PowerPoint Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27056
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft PowerPoint 2010 Service Pack 2 (32-bit editions) 4504702 (Security Update) Important Remote Code Execution 4484372 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft PowerPoint 2010 Service Pack 2 (64-bit editions) 4504702 (Security Update) Important Remote Code Execution 4484372 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft PowerPoint 2013 RT Service Pack 1 4493227 (Security Update) Important Remote Code Execution 4484468 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft PowerPoint 2013 Service Pack 1 (32-bit editions) 4493227 (Security Update) Important Remote Code Execution 4484468 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft PowerPoint 2013 Service Pack 1 (64-bit editions) 4493227 (Security Update) Important Remote Code Execution 4484468 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft PowerPoint 2016 (32-bit edition) 4493224 (Security Update) Important Remote Code Execution 4484393 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft PowerPoint 2016 (64-bit edition) 4493224 (Security Update) Important Remote Code Execution 4484393 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27056 Anonymous working with Trend Micro Zero Day Initiative


CVE-2021-27057 - Microsoft Office Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27057
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


What kind of user interaction is required?

A user needs to be tricked into downloading and running malicious files.


Are the updates for the Microsoft Office 2019 for Mac currently available?

The security update for Microsoft Office 2019 for Mac is not immediately available. The update will be released as soon as possible, and when it is available, customers will be notified via a revision to this CVE information.


Mitigations:
None
Workarounds:
None
Revision:
2.0    2021-03-16T07:00:00Z    

Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the Release Notes for more information and download links.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27057
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Excel 2010 Service Pack 2 (32-bit editions) 4504707 (Security Update) Important Remote Code Execution 4493222 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2010 Service Pack 2 (64-bit editions) 4504707 (Security Update) Important Remote Code Execution 4493222 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 RT Service Pack 1 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (32-bit editions) 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2013 Service Pack 1 (64-bit editions) 4493239 (Security Update) Important Remote Code Execution 4493211 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2016 (32-bit edition) 4493233 (Security Update) Important Remote Code Execution 4493196 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Excel 2016 (64-bit edition) 4493233 (Security Update) Important Remote Code Execution 4493196 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4493214 (Security Update) Important Remote Code Execution 4493181 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4493214 (Security Update) Important Remote Code Execution 4493181 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4493203 (Security Update) Important Remote Code Execution 4486759 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4493203 (Security Update) Important Remote Code Execution 4486759 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4493203 (Security Update) Important Remote Code Execution 4486759 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4493200 (Security Update) Important Remote Code Execution 4493168 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4493200 (Security Update) Important Remote Code Execution 4493168 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2019 for 32-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for 64-bit editions Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office 2019 for Mac Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft Office Online Server 4493229 (Security Update) Important Remote Code Execution 4493192 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office Web Apps 2013 Service Pack 1 4493234 (Security Update) Important Remote Code Execution 4493204 Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27057 Anonymous working with Trend Micro Zero Day Initiative


CVE-2021-27058 - Microsoft Office ClickToRun Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27058
MITRE
NVD
CVE Title: Microsoft Office ClickToRun Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27058
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft 365 Apps for Enterprise for 32-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No
Microsoft 365 Apps for Enterprise for 64-bit Systems Click to Run (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
No

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27058 Will Dormann CERT/CC


CVE-2021-27059 - Microsoft Office Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27059
MITRE
NVD
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.6/6.6
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is the Preview Pane an attack vector for this vulnerability?

No, the Preview Pane is not an attack vector.


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-03-12T08:00:00Z    

Added an acknowledgement and changed the Exploited flag to Yes. This is an informational update only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27059
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Office 2010 Service Pack 2 (32-bit editions) 4504703 (Security Update) Important Remote Code Execution 4486698 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2010 Service Pack 2 (64-bit editions) 4504703 (Security Update) Important Remote Code Execution 4486698 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 RT Service Pack 1 4493228 (Security Update) Important Remote Code Execution 4484469 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (32-bit editions) 4493228 (Security Update) Important Remote Code Execution 4484469 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2013 Service Pack 1 (64-bit editions) 4493228 (Security Update) Important Remote Code Execution 4484469 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (32-bit edition) 4493225 (Security Update) Important Remote Code Execution 4484466 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Office 2016 (64-bit edition) 4493225 (Security Update) Important Remote Code Execution 4484466 Base: 7.6
Temporal: 6.6
Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27059 Chi-Yu You and Dhanesh Kizhakkinan of FireEye Inc.


CVE-2021-27061 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27061
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27061
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Critical Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27061 Dhanesh Kizhakkinan of FireEye Inc.


CVE-2021-27062 - HEVC Video Extensions Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27062
MITRE
NVD
CVE Title: HEVC Video Extensions Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

How do I get the updated app?

The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details.

It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers.

My system is in a disconnected environment; is it vulnerable?

Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations.

How can I check if the update is installed?

If your device manufacturer preinstalled this app, package versions 1.0.40203.0 and later contain this update.

If you purchased this app from the Microsoft Store, package versions 1.0.40204.0 and later contain this update.

You can check the package version in PowerShell:

Get-AppxPackage -Name Microsoft.HEVCVideoExtension*


Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-04-06T07:00:00Z    

Updated FAQ information. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27062
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
HEVC Video Extensions Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27062 Le Huu Quang Linh (@linhlhq) from Vietnam National Cyber Security Center (NCSC Vietnam)


CVE-2021-27063 - Windows DNS Server Denial of Service Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27063
MITRE
NVD
CVE Title: Windows DNS Server Denial of Service Vulnerability
CVSS:

CVSS:3.0 7.5/6.5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Can this vulnerability by mitigated by enabling Secure Zone Updates?

Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation.

Does this vulnerability impact just standalone DNS Primary Authoritative Server and not a DNS Server integrated with Active Directory?

This vulnerability impacts any DNS server. The surrounding configuration can limit possible vectors/sources for the attack, but proper mitigation requires this month’s security update patch.


If my server is not configured to be a DNS server, it is vulnerable?

No, this vulnerability is only exploitable if the server is configured to be a DNS server.


Mitigations:

Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Denial of Service

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27063
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Server 2008 for 32-bit Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 5000844 (Monthly Rollup)
5000856 (Security Only)
Important Denial of Service 4601360
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Denial of Service 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 5000841 (Monthly Rollup)
5000851 (Security Only)
Important Denial of Service 4601347
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Denial of Service 4601348
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 (Server Core installation) 5000847 (Monthly Rollup)
5000840 (Security Only)
Important Denial of Service 4601348
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2012 R2 (Server Core installation) 5000848 (Monthly Rollup)
5000853 (Security Only)
Important Denial of Service 4601384
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2016 (Server Core installation) 5000803 (Security Update) Important Denial of Service 4601318
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server 2019 (Server Core installation) 5000822 (Security Update) Important Denial of Service 4601345
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 1909 (Server Core installation) 5000808 (Security Update) Important Denial of Service 4601315
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 2004 (Server Core installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes
Windows Server, version 20H2 (Server Core Installation) 5000802 (Security Update) Important Denial of Service 4601319
Base: 7.5
Temporal: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27063 None

CVE-2021-27065 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27065
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/7.2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityFunctional
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

Is this vulnerability being used in an active attack?

Yes. The vulnerability described in this CVE is one of four vulnerabilities that are being exploited in an active attack. The security updates address this attack. More information can be found here: https://msrc-blog.microsoft.com/2021/03/02/multiple-security-updates-released-for-exchange-server.

What is the target for this attack?

The initial attack in this attack chain targets an Exchange On-prem server that is able to receive untrusted connections from an external source. In addition, the Exchange server would need to be running Microsoft Exchange Server 2013, 2016, or 2019.

Where can I get more information about how to protect myself from the vulnerabilities?

Please see On-Premises Exchange Server Vulnerabilities Resource Center – updated March 25, 2021.


If I install the Security Updates for the older Cumulative Updates, am I fully protected from vulnerabilities for all published CVEs?

No, you will be protected from the vulnerabilities documented by CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858. You will not be protected from some previous CVEs as shown in the table below.

  • Yes: the system is protected from the vulnerability.
  • No: the system is not protected from the vulnerability.

Microsoft Exchange Server 2019

Date Released Severity CVE ES 2019 CU8 ES 2019 CU7 ES 2019 CU6 ES 2019 CU5 ES 2019 CU4 ES 2019 CU3 ES 2019 CU2 ES 2019 CU1 ES 2019
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes Yes No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes Yes No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No

Microsoft Exchange Server 2016

Date Released Severity CVE ES 2016 CU19 ES 2016 CU18 ES 2016 CU16 ES 2016 CU15 ES 2016 CU14 ES 2016 CU17 ES 2016 CU13 ES 2016 CU12 ES 2016 CU11 ES 2016 CU10 ES 2016 CU9 ES 2016 CU8
3/13/2018 Important CVE-2018-0940 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
3/13/2018 Important CVE-2018-0941 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No
4/3/2018 Critical CVE-2018-0986 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8151 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8152 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Critical CVE-2018-8154 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
5/8/2018 Important CVE-2018-8159 Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No No
10/9/2018 Important CVE-2018-8265 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
8/14/2018 Critical CVE-2018-8302 Yes Yes Yes Yes Yes Yes Yes Yes Yes No No No
10/9/2018 Important CVE-2018-8448 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
11/13/2018 Important CVE-2018-8581 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
12/11/2018 Important CVE-2018-8604 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0586 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
1/8/2019 Important CVE-2019-0588 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0686 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
2/12/2019 Important CVE-2019-0724 Yes Yes Yes Yes Yes Yes Yes Yes No No No No
4/9/2019 Important CVE-2019-0817 Yes Yes Yes Yes Yes Yes Yes No No No No No
4/9/2019 Important CVE-2019-0858 Yes Yes Yes Yes Yes Yes Yes No No No No No
7/9/2019 Important CVE-2019-1084 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1136 Yes Yes Yes Yes Yes Yes No No No No No No
7/9/2019 Important CVE-2019-1137 Yes Yes Yes Yes Yes Yes No No No No No No
9/10/2019 Important CVE-2019-1233 Yes Yes Yes Yes Yes Yes No No No No No No
10/19/2019 Important CVE-2019-1266 Yes Yes Yes Yes No Yes No No No No No No
11/12/2019 Critical CVE-2019-1373 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0688 Yes Yes Yes Yes No Yes No No No No No No
2/11/2020 Important CVE-2020-0692 Yes Yes Yes Yes No Yes No No No No No No
3/10/2020 Important CVE-2020-0903 Yes Yes Yes Yes No Yes No No No No No No
9/8/2020 Critical CVE-2020-16875 Yes Yes No No No No No No No No No No
10/13/2020 Important CVE-2020-16969 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17083 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17084 Yes Yes No No No No No No No No No No
11/10/2020 Important CVE-2020-17085 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17117 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17132 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17141 Yes Yes No No No No No No No No No No
12/8/2020 Critical CVE-2020-17142 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17143 Yes Yes No No No No No No No No No No
12/8/2020 Important CVE-2020-17144 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-1730 Yes Yes No No No No No No No No No No
2/9/2021 Important CVE-2021-24085 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26412 Yes Yes No No No No No No No No No No
3/2/2021 Important CVE-2021-26854 Yes Yes No No No No No No No No No No
  • Microsoft Exchange Server 2013 CU 22 was released February 12, 2019 after which 31 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 CU 21 was released June 19, 2018 after which 38 vulnerabilities have been found and remediated.
  • Microsoft Exchange Server 2013 Service Pack 1 was released February 25, 2014 after which 82 vulnerabilities have been found and remediated.

Please see Exchange Server build numbers and release dates for more information on Exchange Server Cumulative Updates release dates.


Mitigations:

Workarounds:
None
Revision:
3.0    2021-03-10T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 3; and Exchange Server 2016 CU 17, CU 13, CU12; and Exchange Server 2013 CU 22, CU 21. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


4.0    2021-03-11T08:00:00Z    

Microsoft is releasing the final set of security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019, CU1 and CU2; and Exchange Server 2016 CU 8, CU 9, CU10, and CU11. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not Exchange Server on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


5.0    2021-03-16T07:00:00Z    

Microsoft is releasing a security update for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for Microsoft Exchange Server 2013 Service Pack 1. This update addresses only those CVEs. Customers who want to be protected from these vulnerabilities can apply this update if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


1.0    2021-03-02T08:00:00Z    

Information published.


1.1    2021-03-02T08:00:00Z    

Updated one or more CVSS scores for the affected products.


2.0    2021-03-08T08:00:00Z    

Microsoft is releasing security updates for CVE-2021-27065, CVE-2021-26855, CVE-2021-26857, and CVE-2021-26858 for several Cumulative Updates that are out of support, including Exchange Server 2019 CU 6, CU 5, and CU 4 and Exchange Server 2016 CU 16, CU 15, and CU14. These updates address only those CVEs. Customers who want to be protected from these vulnerabilities can apply these updates if they are not on a supported cumulative update. Microsoft strongly recommends that customers update to the latest supported cumulative updates.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27065
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 21 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2013 Cumulative Update 22 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2013 Service Pack 1 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 10 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 11 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 12 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 13 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 14 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 15 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 16 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 17 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2016 Cumulative Update 9 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 1 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 2 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 3 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 4 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 5 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 6 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Critical Remote Code Execution None Base: 7.8
Temporal: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27065 Volexity


Orange Tsai from DEVCORE research team


Microsoft Threat Intelligence Center (MSTIC)


CVE-2021-27066 - Windows Admin Center Security Feature Bypass Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27066
MITRE
NVD
CVE Title: Windows Admin Center Security Feature Bypass Vulnerability
CVSS:

CVSS:3.0 4.3/3.8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Security Feature Bypass

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27066
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Windows Admin Center Release Notes (Security Update) Important Security Feature Bypass None Base: 4.3
Temporal: 3.8
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27066 Satya


CVE-2021-21300 - Git for Visual Studio Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21300
MITRE
NVD
CVE Title: Git for Visual Studio Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Critical Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21300
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3) Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.8 (includes 16.0 - 16.7) Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) Release Notes (Security Update) Critical Remote Code Execution None Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21300 None

CVE-2021-27076 - Microsoft SharePoint Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27076
MITRE
NVD
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:

What is the attack vector for this vulnerability?

In a network-based attack an attacker can gain access to create a site and could execute code remotely within the kernel. The user would need to have privileges.


Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation More Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27076
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Business Productivity Servers 2010 Service Pack 2 3101541 (Security Update) Important Remote Code Execution 2553405 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Enterprise Server 2016 4493232 (Security Update) Important Remote Code Execution 4493195 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Foundation 2013 Service Pack 1 4493238 (Security Update) Important Remote Code Execution 4493210 Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe
Microsoft SharePoint Server 2019 4493230 (Security Update) Important Remote Code Execution 4493194
Base: 8.8
Temporal: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27076 Anonymous working with Trend Micro Zero Day Initiative


CVE-2021-27078 - Microsoft Exchange Server Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27078
MITRE
NVD
CVE Title: Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 9.1/8.2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-02T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27078
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Exchange Server 2013 Cumulative Update 23 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 18 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2016 Cumulative Update 19 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 7 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe
Microsoft Exchange Server 2019 Cumulative Update 8 5000871 (Security Update) Important Remote Code Execution 4602269
Base: 9.1
Temporal: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27078 Steven Seeley (mr_me) of Source Incite


CVE-2021-27084 - Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27084
MITRE
NVD
CVE Title: Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 7.8/6.8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics
Exploit Code MaturityUnproven
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-03-12T08:00:00Z    

Corrected Download and Article links in the Security Updates table. This is an informational change only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Less Likely No No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27084
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Visual Studio Code - Java Extension Pack Release Notes (Security Update) Important Remote Code Execution None Base: 7.8
Temporal: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Maybe

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27084 David Dworken


CVE-2021-27085 - Internet Explorer Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27085
MITRE
NVD
CVE Title: Internet Explorer Remote Code Execution Vulnerability
CVSS:

CVSS:3.0 8.8/7.9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityHigh
AvailabilityLow
Temporal score metrics
Exploit Code MaturityProof-of-Concept
Remediation LevelOfficial Fix
Report ConfidenceConfirmed

FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.1    2021-03-12T08:00:00Z    

Added an acknowledgement and changed the Exploited flag to Yes. This is an informational update only.


1.0    2021-03-09T08:00:00Z    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Exploitation Detected No Yes

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27085
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems 5000809 (Security Update) Important Remote Code Execution 4601354 Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems 5000808 (Security Update) Important Remote Code Execution 4601315
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 20H2 for 32-bit Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 20H2 for ARM64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows 10 Version 20H2 for x64-based Systems 5000802 (Security Update) Important Remote Code Execution 4601319
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes
Internet Explorer 11 on Windows Server 2019 5000822 (Security Update) Important Remote Code Execution 4601345
Base: 8.8
Temporal: 7.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L/E:P/RL:O/RC:C
Yes

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27085 Chi-Yu You and Dhanesh Kizhakkinan of FireEye Inc.


CVE-2020-27844 - Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27844
MITRE
NVD
CVE Title: Chromium CVE-2020-27844: Heap buffer overflow in OpenJPEG
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:54Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27844
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27844 None

CVE-2021-21159 - Chromium CVE-2021-21159: Heap buffer overflow in TabStrip

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21159
MITRE
NVD
CVE Title: Chromium CVE-2021-21159: Heap buffer overflow in TabStrip
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:55Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21159
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21159 None

CVE-2021-21160 - Chromium CVE-2021-21160: Heap buffer overflow in WebAudio

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21160
MITRE
NVD
CVE Title: Chromium CVE-2021-21160: Heap buffer overflow in WebAudio
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:56Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21160
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21160 None

CVE-2021-21161 - Chromium CVE-2021-21161: Heap buffer overflow in TabStrip

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21161
MITRE
NVD
CVE Title: Chromium CVE-2021-21161: Heap buffer overflow in TabStrip
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:57Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21161
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21161 None

CVE-2021-21162 - Chromium CVE-2021-21162: Use after free in WebRTC

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21162
MITRE
NVD
CVE Title: Chromium CVE-2021-21162: Use after free in WebRTC
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:58Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21162
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21162 None

CVE-2021-21163 - Chromium CVE-2021-21163: Insufficient data validation in Reader Mode

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21163
MITRE
NVD
CVE Title: Chromium CVE-2021-21163: Insufficient data validation in Reader Mode
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:59Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21163
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21163 None

CVE-2021-21164 - Chromium CVE-2021-21164: Insufficient data validation in Chrome for iOS

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21164
MITRE
NVD
CVE Title: Chromium CVE-2021-21164: Insufficient data validation in Chrome for iOS
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:03:59Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21164
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21164 None

CVE-2021-21165 - Chromium CVE-2021-21165: Object lifecycle issue in audio

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21165
MITRE
NVD
CVE Title: Chromium CVE-2021-21165: Object lifecycle issue in audio
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:00Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21165
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21165 None

CVE-2021-21166 - Chromium CVE-2021-21166: Object lifecycle issue in audio

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21166
MITRE
NVD
CVE Title: Chromium CVE-2021-21166: Object lifecycle issue in audio
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:01Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21166
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21166 None

CVE-2021-21167 - Chromium CVE-2021-21167: Use after free in bookmarks

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21167
MITRE
NVD
CVE Title: Chromium CVE-2021-21167: Use after free in bookmarks
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:02Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21167
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21167 None

CVE-2021-21168 - Chromium CVE-2021-21168: Insufficient policy enforcement in appcache

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21168
MITRE
NVD
CVE Title: Chromium CVE-2021-21168: Insufficient policy enforcement in appcache
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:03Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21168
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21168 None

CVE-2021-21169 - Chromium CVE-2021-21169: Out of bounds memory access in V8

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21169
MITRE
NVD
CVE Title: Chromium CVE-2021-21169: Out of bounds memory access in V8
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:03Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21169
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21169 None

CVE-2021-21170 - Chromium CVE-2021-21170: Incorrect security UI in Loader

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21170
MITRE
NVD
CVE Title: Chromium CVE-2021-21170: Incorrect security UI in Loader
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:04Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21170
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21170 None

CVE-2021-21171 - Chromium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21171
MITRE
NVD
CVE Title: Chromium CVE-2021-21171: Incorrect security UI in TabStrip and Navigation
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:05Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21171
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21171 None

CVE-2021-21172 - Chromium CVE-2021-21172: Insufficient policy enforcement in File System API

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21172
MITRE
NVD
CVE Title: Chromium CVE-2021-21172: Insufficient policy enforcement in File System API
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:06Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21172
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21172 None

CVE-2021-21173 - Chromium CVE-2021-21173: Side-channel information leakage in Network Internals

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21173
MITRE
NVD
CVE Title: Chromium CVE-2021-21173: Side-channel information leakage in Network Internals
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:07Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21173
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21173 None

CVE-2021-21174 - Chromium CVE-2021-21174: Inappropriate implementation in Referrer

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21174
MITRE
NVD
CVE Title: Chromium CVE-2021-21174: Inappropriate implementation in Referrer
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:08Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21174
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21174 None

CVE-2021-21175 - Chromium CVE-2021-21175: Inappropriate implementation in Site isolation

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21175
MITRE
NVD
CVE Title: Chromium CVE-2021-21175: Inappropriate implementation in Site isolation
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:08Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21175
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21175 None

CVE-2021-21176 - Chromium CVE-2021-21176: Inappropriate implementation in full screen mode

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21176
MITRE
NVD
CVE Title: Chromium CVE-2021-21176: Inappropriate implementation in full screen mode
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:09Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21176
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21176 None

CVE-2021-21177 - Chromium CVE-2021-21177: Insufficient policy enforcement in Autofill

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21177
MITRE
NVD
CVE Title: Chromium CVE-2021-21177: Insufficient policy enforcement in Autofill
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:10Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21177
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21177 None

CVE-2021-21178 - Chromium CVE-2021-21178 : Inappropriate implementation in Compositing

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21178
MITRE
NVD
CVE Title: Chromium CVE-2021-21178 : Inappropriate implementation in Compositing
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:11Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21178
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21178 None

CVE-2021-21179 - Chromium CVE-2021-21179: Use after free in Network Internals

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21179
MITRE
NVD
CVE Title: Chromium CVE-2021-21179: Use after free in Network Internals
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:12Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21179
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21179 None

CVE-2021-21180 - Chromium CVE-2021-21180: Use after free in tab search

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21180
MITRE
NVD
CVE Title: Chromium CVE-2021-21180: Use after free in tab search
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:12Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21180
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21180 None

CVE-2021-21181 - Chromium CVE-2021-21181: Side-channel information leakage in autofill

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21181
MITRE
NVD
CVE Title: Chromium CVE-2021-21181: Side-channel information leakage in autofill
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:13Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21181
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21181 None

CVE-2021-21182 - Chromium CVE-2021-21182: Insufficient policy enforcement in navigations

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21182
MITRE
NVD
CVE Title: Chromium CVE-2021-21182: Insufficient policy enforcement in navigations
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:14Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21182
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21182 None

CVE-2021-21183 - Chromium CVE-2021-21183: Inappropriate implementation in performance APIs

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21183
MITRE
NVD
CVE Title: Chromium CVE-2021-21183: Inappropriate implementation in performance APIs
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:15Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21183
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21183 None

CVE-2021-21185 - Chromium CVE-2021-21185: Insufficient policy enforcement in extensions

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21185
MITRE
NVD
CVE Title: Chromium CVE-2021-21185: Insufficient policy enforcement in extensions
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:16Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21185
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21185 None

CVE-2021-21186 - Chromium CVE-2021-21186: Insufficient policy enforcement in QR scanning

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21186
MITRE
NVD
CVE Title: Chromium CVE-2021-21186: Insufficient policy enforcement in QR scanning
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:17Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21186
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21186 None

CVE-2021-21187 - Chromium CVE-2021-21187: Insufficient data validation in URL formatting

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21187
MITRE
NVD
CVE Title: Chromium CVE-2021-21187: Insufficient data validation in URL formatting
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:17Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21187
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21187 None

CVE-2021-21188 - Chromium CVE-2021-21188: Use after free in Blink

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21188
MITRE
NVD
CVE Title: Chromium CVE-2021-21188: Use after free in Blink
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:18Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21188
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21188 None

CVE-2021-21189 - Chromium CVE-2021-21189: Insufficient policy enforcement in payments

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21189
MITRE
NVD
CVE Title: Chromium CVE-2021-21189: Insufficient policy enforcement in payments
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:19Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21189
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21189 None

CVE-2021-21190 - Chromium CVE-2021-21190 : Uninitialized Use in PDFium

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21190
MITRE
NVD
CVE Title: Chromium CVE-2021-21190 : Uninitialized Use in PDFium
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T20:04:20Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21190
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21190 None

CVE-2021-21184 - Chromium CVE-2021-21184: Inappropriate implementation in performance APIs

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21184
MITRE
NVD
CVE Title: Chromium CVE-2021-21184: Inappropriate implementation in performance APIs
CVSS:
None
FAQ:

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.45 3/4/2021 89.0.4389.72

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-04T21:57:04Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21184
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21184 None

CVE-2021-21191 - Chromium CVE-2021-21191: Use after free in WebRTC

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21191
MITRE
NVD
CVE Title: Chromium CVE-2021-21191: Use after free in WebRTC
CVSS:
None
FAQ:

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.54 3/13/2021 89.0.4389.90

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-15T16:21:11Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21191
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21191 None

CVE-2021-21192 - Chromium CVE-2021-21192: Heap buffer overflow in tab groups

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21192
MITRE
NVD
CVE Title: Chromium CVE-2021-21192: Heap buffer overflow in tab groups
CVSS:
None
FAQ:

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.54 3/13/2021 89.0.4389.90

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-15T16:21:13Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21192
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21192 None

CVE-2021-21193 - Chromium CVE-2021-21193: Use after free in Blink

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-21193
MITRE
NVD
CVE Title: Chromium CVE-2021-21193: Use after free in Blink
CVSS:
None
FAQ:

What is the version information for this release?

Microsoft Edge Version Date Released Based on Chromium Version
89.0.774.54 3/13/2021 89.0.4389.90

Why is this Chrome CVE included in the Security Update Guide?

The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information.

How can I see the version of the browser?

  1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
  2. Click on Help and Feedback
  3. Click on About Microsoft Edge

Mitigations:
None
Workarounds:
None
Revision:
1.0    2021-03-15T16:21:14Z    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment of each of the vulnerabilities addressed this month. The vulnerabilities are listed in order of bulletin ID then CVE ID. Only vulnerabilities that have a severity rating of Critical or Important in the bulletins are included.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-21193
Product KB Article Severity Impact Supercedence CVSS Score Set Restart Required
Microsoft Edge (Chromium-based) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
Unknown

Acknowledgements

CVE ID Acknowledgements
CVE-2021-21193 None